Yankees Team Gynecologist:pdkl95: Well, it's at least 1 in 6 writers. We should add in all the people in jail that were not told the proper source of the "evidence" against them (probably because of parallel construction)

I'm looking for a "body" count so to speak (not literal deaths, but persons hassled/persecuted). I understand that granting law enforcement this access opens the door to all kinds of abuses, so I'm interested in hearing the actual horror stories. Note that I'm not saying that I think it's low--I'm interested in whatever the result is, high, low, or anything in between. I don't see a lot of these specific stories around, but that could just mean they're not easy to document.

That's the thing about these kinds of abuses: the part we (the public) get to see is likely only a tiny part of what goes on, and we often have to dig through layers of indirection to find it.

As for hassled/persecuted, if you haven't yet done so, you should read the link I gave up above by Binney/Drake/etc. Specifically, Thomas Drake's story, which you can also hear him tell in his own words at this talk at 29C3 (I've linked to Drake's talk, but Radack's and Binney's talk in that video are also worth watching).

That opens the question to how effective the initial tests for patches have been, since there are a lot of "nodes" on the internet. Sure, gmail.com, yahoo.com, or bankofamerica.com may be fixed, but don't a lot of these places also implement some kind of third-party B2B back-end processing with names like virtualaccountservice or something with "cdn" in it? So there's the question of whether those servers are patched, not to mention the actual hardware routers and switches.

Doktor_Zhivago:My understanding is that it just spits out random memory blocks that may or may not be particularly useful. The NSA was installing back doors into hardware and has the ability to track actual phone calls so I don't see how this is particularly useful to them

Personally if I were an American taxpayer I'd be disappointed if the NSA didn't know about it and wasn't actively exploiting it. You sort of expect intelligence agencies to be doing this sort of shady stuff as part of their job.

jshine:It'd seem paranoid ... except for all the well-documented nefarious plots that we've seen already.

Serious question--how many upstanding citizens have been/think they have been/are thought to have been farked by those NSA practices? For the purposes of this question, do not count read-only use of personal email, Facebook, etc. but otherwise not influencing people's lives as "farked." Also, I don't really count finding but staying quiet about Heartbleed (even if it allowed ID theft by non-NSA criminals) because it was out in the open for everyone to see; I would however count it if they actively created it, or cases where the NSA used Heartbleed as an avenue to legitimately fark someone.

I think I did hear about at least a few cases where the federal government seems to have silenced or shut down some people and businesses. I understand that even if it's 1 person, that's 1 too many; and even if it's 0, it's still a serious violation of civil liberties. So my above question is obviously not the same as asking "Is what the NSA does OK?"

However, I still think it is a valid question for certain practical considerations. For example, if the number is extremely low, I would rather the NSA were the exploiters of Heartbleed than cybercriminal organizations. Both are bad but only the latter would have practical implications. Of course it could be both, which is the worst part about the NSA weakening security.

sanriosucks:Someone brought this up in an earlier thread, but it's a perspective I had never really thought of;

All things aside (which is hard to do, considering basic, fundamental American rights and all), all of that, put aside for just a moment,... What an incredible, monumental, epic boondoggle. Such flagrant waste, fraud, and abuse. The NSA has spent an untold amount on this.. We don't even get to know. And for what. Let's assume they know everything... They can't use it. They can't share it. We know for a fact they can't even look through it all.Can you imagine if they were scientist, ornithologist, say, and went to congress asking for a budget to collect everything imaginable on ivory billed woodpeckers.. An unlimited budget to collect all information on each of them. Each individual bird. How many mites were in their nest, etc.. And they had to promise in their budget to never, ever use the data. To collect more than they had the capability to process. For science, you know...

Someone brought this up in an earlier thread, but it's a perspective I had never really thought of;

All things aside (which is hard to do, considering basic, fundamental American rights and all), all of that, put aside for just a moment,... What an incredible, monumental, epic boondoggle. Such flagrant waste, fraud, and abuse. The NSA has spent an untold amount on this.. We don't even get to know. And for what. Let's assume they know everything... They can't use it. They can't share it. We know for a fact they can't even look through it all.Can you imagine if they were scientist, ornithologist, say, and went to congress asking for a budget to collect everything imaginable on ivory billed woodpeckers.. An unlimited budget to collect all information on each of them. Each individual bird. How many mites were in their nest, etc.. And they had to promise in their budget to never, ever use the data. To collect more than they had the capability to process. For science, you know...